CN102024111A - On-line scanning method for website programs - Google Patents
On-line scanning method for website programs Download PDFInfo
- Publication number
- CN102024111A CN102024111A CN201010593979XA CN201010593979A CN102024111A CN 102024111 A CN102024111 A CN 102024111A CN 201010593979X A CN201010593979X A CN 201010593979XA CN 201010593979 A CN201010593979 A CN 201010593979A CN 102024111 A CN102024111 A CN 102024111A
- Authority
- CN
- China
- Prior art keywords
- procedure site
- scanned
- absolute path
- program
- unique identification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides an on-line scanning method for website programs, comprising the following steps: writing the website programs needing to be scanned into a scanning file which comprises an absolute path of each website program needing to be scanned, and a unique identification of the website program; comparing the unique identification of the website programs which are provided with the same absolute path and need to be scanned in the scanning file and an image file with the unique identification of the original website programs needing to be scanned, wherein the image file comprises the absolute path and the unique identification of each original website program needing to be scanned; and if the unique identifications of the two website programs with the same absolute path are different, identifying the website programs needing to be scanned as modified website programs. According to the on-line scanning method, network managers can rapidly and effectively detect the website programs and positions the modified programs.
Description
Technical field
The present invention relates to procedure site at line sweep, more specifically, the present invention relates to the online mirror image method for scanning of a kind of procedure site.
Background technology
At present the method that whether is modified of known inspection procedure site is normally after downloading to this locality to program from Website server, by manually comparing, or with comparison software the program of downloading compared.These methods not only need to preserve original program, also need the program of moving is downloaded from Website server, utilize the comparison software of installing to compare, thereby checked operation are very loaded down with trivial details.
Therefore, thus need a kind ofly to know to procedure site inspection which file is by the method for malicious modification by the online scans web sites program of browser.
Summary of the invention
In order to solve above-mentioned technical matters of the prior art, whether the invention provides a kind of browser On line inspection procedure site that passes through by the method for malicious modification.Whether the On line inspection of procedure site promptly offers network manager's On line inspection procedure site by the platform of user's malicious modification at line sweep, make the network manager whether pass through the online procedure site of just can checking of browser by malicious modification, which procedure site is modified, and which amended procedure site includes the function and/or the code of appointment.According to the method for online scans web sites program of the present invention not needs program is downloaded to manually compare behind this locality or compare with software, simplified the operation steps that procedure site is scanned and saved and checked the used time, made the network manager can fast and effeciently check procedure site and the program that is modified is positioned.
The invention provides a kind of method of online scans web sites program, this method may further comprise the steps:
The procedure site of needs scanning is write scanning document, and this scanning document comprises the absolute path of the procedure site that each need scan and the unique identification of this procedure site;
To have the unique identification of procedure site of needs scanning of identical absolute path and the unique identification of original web program to be scanned compares in the scanning document with in the image file, this image file comprises the absolute path and the unique identification of each original web program to be scanned;
If described unique identification difference with two procedure sites of identical absolute path then will need the procedure site of scanning to be identified as the procedure site that is modified.
Preferably, described image file is the form of two bit array, and the key of two bit array is the absolute path of original web program to be scanned, is worth the unique identification for this original web program to be scanned; And described scanning document is the form of two bit array, and the key of two bit array is the absolute path that needs the procedure site of scanning, is worth the unique identification for the procedure site of needs scanning.
Preferably, after the webmaster revises original web program to be scanned, regenerate the image file of original web program to be scanned.
Preferably, original web program to be scanned is arranged in file to be scanned, and described image file comprises the absolute path and the unique identification of each original web program in the file to be scanned.
Preferably, this method further comprises, screens the procedure site of needs scanning according to the type of procedure site.
Preferably, this method further comprises, the absolute path that is identified as the procedure site that is modified is write scanning document or destination file with the form of one-dimension array.
Preferably, to function, will comprise the absolute path of procedure site of this specified function and the function of this appointment and write scanning document or destination file corresponding to the procedure site of the absolute path of one-dimension array form in scanning document or destination file search appointment.
Preferably, to code, will comprise the absolute path of procedure site of this code and the code of this appointment and write scanning document or destination file corresponding to the procedure site of the absolute path of one-dimension array form in scanning document or destination file search appointment.
Preferably, generate the unique identification of procedure site with the md5_file function.
Beneficial effect of the present invention is as follows:
Adopt technical scheme of the present invention, whether the user is checking procedure site by malicious modification, needs that no longer program is downloaded to this locality and carries out the file contrast with software, improves and made things convenient for keeper's proving time.
Description of drawings
Below with reference to accompanying drawings and in conjunction with preferred implementation of the present invention characteristics of the present invention and advantage are elaborated, wherein,
Fig. 1 illustrates the structural representation according to the image file of procedure site to be scanned of the present invention;
Fig. 2 illustrates the process flow diagram according to the method for online scans web sites program of the present invention.
Embodiment
Below in conjunction with accompanying drawing main realization principle, the embodiment of technical solution of the present invention and the beneficial effect that can reach thereof are explained in detail.
The network manager is after finishing the editor of a certain procedure site, in the operational process of this procedure site, need to check its correctness if think, check that promptly whether this procedure site is by malicious modification, the keeper at first needs this procedure site, original web program hereinafter referred to as to be scanned, carry out unique identification, for example available md5_file function generates the unique identification of original web program to be scanned.The unique identification of the absolute path of this original web program to be scanned and generation is write in the image file of bak.txt file for example.This image file is the form of two bit array, and key is the absolute path of original web program to be scanned, is worth the unique identification for this program, as shown in Figure 1.Thus, comprise absolute path and its sign of all original web programs to be scanned in the image file, there are one-to-one relationship in comprise absolute path and uniquely identified array and original web program to be scanned in the image file.Like this, each procedure site to be scanned is comprised its absolute path and the uniquely identified two-dimensional array identifies uniquely in the image file.After the keeper makes amendment to procedure site, need regenerate its unique identification, and its absolute path and unique identification are write image file again.
Preferably, original web program to be scanned is put into file to be scanned.File to be scanned is generated the uniquely identified image file that comprises all programs to be scanned under this document folder.Utilize this image file, can be by procedure site be realized inspection to procedure site at line sweep.
Fig. 2 illustrates the process flow diagram according to the method for online scans web sites program of the present invention.
When the procedure site in the website is scanned, need all procedure sites of scanning by traversal, the procedure site of needs scanning is write in the scanning document of needscan.txt for example.This scanning document is the form of two bit array, and key is the absolute path that needs the procedure site of scanning, is worth the unique identification for this program.Thus, comprise its absolute path in each procedure site scanned document that need scan and the uniquely identified two-dimensional array identifies uniquely.
From needscan.txt, read all programs that need scanning, if the keeper does not want all types of programs are scanned, comprise for example .php such as procedure site, .html, .js three types program, the keeper only wants the program of .php file type is wherein scanned, preferably, the keeper can screen the procedure site that needs scan according to the type of program, stay the program of the type that needs scanning, and as mentioned above, the form that needs the absolute path of the procedure site that scans and unique identification with the two-dimensional array of key and value after the screening is write the needscan.txt file.
Subsequently, will need the unique identification of original web program to be scanned among the unique identification of scans web sites program and the image file bak.txt to compare among the scanning document needscan.txt.When the unique identification of unique identification that needs the scans web sites program with identical absolute path and original web program to be scanned not simultaneously, illustrate that then this procedure site was modified.For example has file a.php by name among the needscan.txt of identical absolute path, unique identification procedure site for " fdadfsafasfde43 ", with the a.php by name of file among the bak.txt, unique identification be the procedure site of " fffffffff002 ", the unique identification difference of the two, then the procedure site of supporting paper a.php by name is by the malicious modification mistake.
Further, the absolute path of the procedure site crossed by malicious modification can be write the needscan.txt file with the form of one-dimension array, or write among the destination file result.txt.Thus, when the contrast of the array in the scanning document and the array in the image file is finished, preserved the absolute path of all procedure sites of being crossed by malicious modification among the scanning document needscan.txt.
Further, if the keeper will find the program code that comprises the function of appointment in which program file or comprise certain section appointment from these programs of being crossed by malicious modification, can proceed following step.
If the keeper will by which program file of accurate in locating the program file of malicious modification be comprised one or more functions of appointment from these, need read successively among scanning document needscan.txt or the destination file result.tex by the procedure site of malicious modification, one or more functions of search appointment, the absolute path that will comprise the procedure site of specified function comprises specified function with institute and writes among the destination file result.txt.
If the keeper will by which program file of accurate in locating the program file of malicious modification be comprised one or more codes of appointment from these, need read successively among scanning document needscan.txt or the destination file result.tex by the procedure site of malicious modification, one or more codes of search appointment, the absolute path that will comprise the procedure site of appointment codes writes among the destination file result.txt with the appointment codes that is comprised.
The scanning result that the in store keeper of destination file result.txt needs, comprise the procedure site that is modified absolute path, comprise specified function and be modified the absolute path and the specified function that is comprised of procedure site and/or comprise appointment codes and be modified the absolute path of procedure site and the appointment codes that is comprised.
Various scanning results can listed files form output, to make things convenient for checking of keeper.The keeper can find this program that is modified according to the absolute path of the procedure site that is modified shown in the tabulation, and it is edited.
Should be appreciated that abovely to have been described in detail, should be appreciated that above explanation is illustrative and not restrictive by the preferred embodiments of the present invention technical scheme of the present invention.Those of ordinary skill in the art is reading on the basis of instructions of the present invention and can make amendment to the technical scheme that each embodiment put down in writing, and perhaps part technical characterictic wherein is equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution break away from the spirit and scope of various embodiments of the present invention technical scheme.Protection scope of the present invention is only limited by the claims of enclosing.
Claims (9)
1. the method for an online scans web sites program is characterized in that, this method may further comprise the steps:
The procedure site of needs scanning is write scanning document, and this scanning document comprises the absolute path of the procedure site that each need scan and the unique identification of this procedure site;
To have the unique identification of procedure site of needs scanning of identical absolute path and the unique identification of original web program to be scanned compares in the scanning document with in the image file, this image file comprises the absolute path and the unique identification of each original web program to be scanned;
If described unique identification difference with two procedure sites of identical absolute path then will need the procedure site of scanning to be identified as the procedure site that is modified.
2. the method for online scans web sites program according to claim 1 is characterized in that, described image file is the form of two bit array, and the key of two bit array is the absolute path of original web program to be scanned, is worth the unique identification for this original web program to be scanned; And described scanning document is the form of two bit array, and the key of two bit array is the absolute path that needs the procedure site of scanning, is worth the unique identification for the procedure site of needs scanning.
3. the method for online scans web sites program according to claim 1 is characterized in that, after the webmaster revises original web program to be scanned, regenerates the image file of original web program to be scanned.
4. the method for online scans web sites program according to claim 1 is characterized in that, original web program to be scanned is arranged in file to be scanned, and described image file comprises the absolute path and the unique identification of each original web program in the file to be scanned.
5. the method for online scans web sites program according to claim 1 is characterized in that, this method further comprises, screens the procedure site of needs scanning according to the type of procedure site.
6. the method for online scans web sites program according to claim 1 is characterized in that, this method further comprises, the absolute path that is identified as the procedure site that is modified is write scanning document or destination file with the form of one-dimension array.
7. the method for online scans web sites program according to claim 4, it is characterized in that, to function, will comprise the absolute path of procedure site of this specified function and the function of this appointment and write scanning document or destination file corresponding to the procedure site search appointment of the absolute path correspondence of one-dimension array form in scanning document or the destination file.
8. the method for online scans web sites program according to claim 4, it is characterized in that, to code, will comprise the absolute path of procedure site of this code and the code of this appointment and write scanning document or destination file corresponding to the procedure site search appointment of the absolute path correspondence of one-dimension array form in scanning document or the destination file.
9. the method for online scans web sites program according to claim 1 is characterized in that, generates the unique identification of procedure site with the md5_file function.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010593979XA CN102024111A (en) | 2010-12-17 | 2010-12-17 | On-line scanning method for website programs |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010593979XA CN102024111A (en) | 2010-12-17 | 2010-12-17 | On-line scanning method for website programs |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102024111A true CN102024111A (en) | 2011-04-20 |
Family
ID=43865397
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010593979XA Pending CN102024111A (en) | 2010-12-17 | 2010-12-17 | On-line scanning method for website programs |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102024111A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109388568A (en) * | 2018-09-29 | 2019-02-26 | 百度在线网络技术(北京)有限公司 | Code test method and device |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030188194A1 (en) * | 2002-03-29 | 2003-10-02 | David Currie | Method and apparatus for real-time security verification of on-line services |
-
2010
- 2010-12-17 CN CN201010593979XA patent/CN102024111A/en active Pending
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030188194A1 (en) * | 2002-03-29 | 2003-10-02 | David Currie | Method and apparatus for real-time security verification of on-line services |
Non-Patent Citations (2)
| Title |
|---|
| 《中国优秀硕士学位论文全文数据库信息科技辑》 20100430 罗利民 网页防篡改技术的研究与应用 CNKI系列数据库 29-40页 1-9 , 第4期 * |
| 《计算机与现代化》 20091130 张万斌 一种网站页面保护程序的设计与实现 计算机与现代化编辑部 81-82页 1-9 , 第11期 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109388568A (en) * | 2018-09-29 | 2019-02-26 | 百度在线网络技术(北京)有限公司 | Code test method and device |
| CN109388568B (en) * | 2018-09-29 | 2020-05-15 | 百度在线网络技术(北京)有限公司 | Code testing method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104995630B (en) | Computing system and method for security test | |
| US20080320109A1 (en) | Complex software deployment | |
| CN104978191A (en) | Application deployment method and server | |
| CN105068925A (en) | Software security flaw discovering system | |
| KR20190136232A (en) | Electronic device for detecting vulnerability of software and operation method thereof | |
| CN102436402B (en) | Module repairing method in software and software equipment | |
| CN106529294B (en) | A method of determine for mobile phone viruses and filters | |
| CN103530565A (en) | Method and device for scanning website program bugs based on web | |
| GB2507037A (en) | Software application discovery using variable frequency file system scanning | |
| CN103823665B (en) | SDK (software development kit) activeness analyzing method, network server and system | |
| CN105100065B (en) | Webshell attack detection methods, device and gateway based on cloud | |
| CN111967018A (en) | Method for automatically detecting Tomcat known vulnerability | |
| CN112988607B (en) | Application program component detection method and device and storage medium | |
| CN103095698B (en) | The restorative procedure of client software, device and communication system | |
| CN117009911B (en) | Abnormality determination method and device for target event, medium and electronic equipment | |
| CN110348226B (en) | Engineering file scanning method and device, electronic equipment and storage medium | |
| CN102024111A (en) | On-line scanning method for website programs | |
| CN112528295A (en) | Vulnerability repairing method and device of industrial control system | |
| KR101115250B1 (en) | Apparatus and method for checking safety of qr code | |
| CN106802860B (en) | Useless class detection method and device | |
| CN110874316B (en) | Method, device and system for scanning codes | |
| CN114879985B (en) | Method, device, equipment and storage medium for installing certificate file | |
| CN113031995B (en) | Rule updating method and device, storage medium and electronic equipment | |
| CN105516114A (en) | Method and device for scanning vulnerability based on webpage hash value and electronic equipment | |
| CN115373885A (en) | Fault repairing method and device, storage medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20110420 |